Get the Global IP Investigations and Enforcement Perspective

Industry content delivered straight to your inbox.
Email address
Secure and Spam free...

NFT Marketplace-Impersonations Lead to Cryptocurrency Theft

Last month the U.S. Department of Justice (DOJ) announced the indictment of a Moroccan national for spoofing an NFT marketplace-website resulting in the theft of a Manhattan resident’s cryptocurrency investment of $450,000.

Unfortunately, we have seen this spoofing strategy before. In January of this year, it was reported that North Korea has become very proficient at doing the same.

In our January blog post, we extracted a list of actions from some of the reporting, which an NFT investor can take to minimize the risk of falling victim.

However, there was one item not mentioned on the list that caught my attention in the recent indictment:

The criminals often use “Sponsored” sites to reel their victims in.

Here is a quote from the DOJ press release:

“Through paid advertisements on a popular search engine, [the defendant] caused his spoofed version of the [NFT Marketplace] to appear first in search results for the [NFT Marketplace].”

And here is a quote from the indictment itself:

“To promote the spoofed OpenSea website and trick victims into using the spoofed site… the defendant, paid for sponsored links on a popular internet search engine (“Search Engine-I”). Accordingly, when users of Search Engine-I searched for “opensea,” the first search result would be a link to the spoofed website.”

As we all know, when we do a Google search, “Sponsored Ads” appear on the top of the first page.

Beware. The sponsored ads site could be a criminal impersonating a website for a legitimate product, service, or brand.

As the U.S. Attorney for the Southern District of New York stated in the press release:

“‘Spoofing’ is one of the oldest tricks in the criminal playbook.”

So, in addition to advising your clients and the public to consider the following recommendations to minimize the risk of being duped by phishing or impersonation schemes:

1. Verify websites’ legitimacy before entering personal information, such as your wallet address or private key. Look for official URLs and contact information.

2. Enable two-factor authentication (2FA) for your wallet and other accounts. 2FA is an extra layer of security that requires you to enter a code from a device, such as a smartphone, to access information.

3. Beware of emails that contain links or attachments from unknown senders. Don’t click on any suspicious links or enter your information on websites you’re unfamiliar with.

4. Use strong passwords and don’t reuse them across multiple accounts. It’s also a good idea to regularly change your passwords, especially if you suspect your account may have been compromised.

5. Avoid publicly sharing your wallet address. You should also avoid public Wi-Fi networks and use a VPN when possible.

6. Make sure to spot a phishing email by looking for spelling mistakes, poor grammar, and excessive use of punctuation marks like exclamation points.

Now, add to the list of recommendations:

7. Beware of “Sponsored” sites.


IP Probe Blog – 1/6/23 — NFT Collectors Beware—North Korean Hackers are Phishing in Your Waters

IP Probe Blog – 5/14/22 — First US/DOJ—NFT “Rug Pull” Prosecution: Part 2 of 2

IP Probe Blog – 4/29/22 — First US/DOJ—NFT “Rug Pull” Prosecution: Part 1 of 2

DisclaimerIPProbe.Global is a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, regarding the content provided in IPProbe.Global. We disclaim all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such persons and the accuracy and validity of the information provided by them. This blog is for general information only and not intended to provide legal or other professional advice.

Did you find this post useful?
I agree to have my personal information transfered to MailChimp ( more information )
Join other IP protection professionals, i.e., investigators, attorneys, and brand protection specialists and receive updates straight to your inbox.
We hate spam. Your email address will not be sold or shared with anyone else.

Ron Alvarez is an IP investigations and protection consultant and writer in New York City. He is a former NYPD lieutenant where he investigated robbery, narcotics, internal affairs, and fine art theft cases. Ron has since coordinated the private investigation of international fraud and money laundering cases, as well as IP-related investigations and research involving the four pillars of IP: copyright, patents, trademarks, and trade secrets. Ron is a graduate of the FBI National Academy and earned a B.A. in Government and Public Administration from John Jay College of Criminal Justice in Manhattan. He has written a number of articles for various investigative publications, as well as published "The World of Intellectual Property (IP) Protection and Investigations" in November 2021.

0 comments on “NFT Marketplace-Impersonations Lead to Cryptocurrency Theft

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Get the Global IP Investigations and Enforcement Perspective

Industry content delivered straight to your inbox.
Email address
Secure and Spam free...
%d bloggers like this: